Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system -
submitted
12-02-2024 17:45
Behavioral task
behavioral1
Sample
New Project Open For Bid IVP 278 (K) Series AI.pdf
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
New Project Open For Bid IVP 278 (K) Series AI.pdf
Resource
win10v2004-20231222-en
General
-
Target
New Project Open For Bid IVP 278 (K) Series AI.pdf
-
Size
107KB
-
MD5
676f3cd2213edb9ccba2eeeceff93b7e
-
SHA1
2691ebbd373c56c9bcd83a9650599ad6f284be3f
-
SHA256
054bac5f399d871b50c48563058a394e902cbc9d380e5ab278508460f6c68489
-
SHA512
b8fd3ea57349301064c66ebe3ba78ecca1720175f32b9a871b8446e40667e70a3da190f43236d3003bbba5ed6d1b3778022792ff3fc2b3016c6049f11a108b6c
-
SSDEEP
3072:3/QASq6oL9TeXRogwiw/Idxgru/CnnCUDZauj:Pmq6oMogwiQMxuwCnCu4C
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
1232 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
Processes:
AcroRd32.exe
pid process
1232 AcroRd32.exe
1232 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\New Project Open For Bid IVP 278 (K) Series AI.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1232
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 06ebeff7dff4071034927eb0bbdc12ce
SHA1 5346fa8ae3539fbc80be1b64a62f8b4e5f71d1c3
SHA256 2d6290658c4c3a3bf1ba39e6011d42adc83e99685a2baf4262c259c963dba0bd
SHA512 1cd42832bd8790fda7b70622dbe121028fec364d059b278064c5af94946bed3e8cde6eb6718ea10bdbeab1147d5ec06c3789a2383d0e00b89a4e0bab3f44aca5